Cryptology ePrint Archive: Report 2012/207
Cryptanalysis of Hummingbird-2
Kai Zhang, Lin Ding and Jie Guan
Abstract: Hummingbird is a lightweight encryption and message authentication primitive published in RISC’09 and WLC’10. In FSE’11, Markku-Juhani O. Saarinen presented a differential divide-and-conquer method which has complexity upper bounded by $2^{64}$ operations and requires processing of a few megabytes of chosen messages under two related nonces (IVs). The improved version, Hummingbird-2, was presented in RFIDSec 2011. Based on the idea of differential collision, this paper discovers some weaknesses of the round function WD16 combined with the key loading algorithm, and we propose a related-key chosen-IV attack which can recover the full secret key. Under 24 pairs of related keys, the 128-bit initial key can be recovered, with a computational complexity of $O(2^{32.6})$ and a data complexity of $O(2^{32.6})$. The result shows that the Hummingbird-2 cipher cannot resist related-key attacks.
Category / Keywords: secret-key cryptography / Cryptanalysis; Hummingbird-2; Related Key Attack; Lightweight Cipher; Hybrid Cipher
Date: received 16 Apr 2012, withdrawn 24 May 2012
Contact author: zhkai2010 at 139 com
Available format(s): (-- withdrawn --)
Note: We found some small mistakes in the old version of our paper so we withdraw this paper and revise it later.
Version: 20120525:044515 (All versions of this report)
Short URL: ia.cr/2012/207